931
|
7.2 |
HIGH
Network
|
online_travel_agency_system_project
|
online_travel_agency_system
|
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php.
Update
|
CWE-89
SQL Injection
|
CVE-2023-31938
|
2024-10-8 04:36 |
2023-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
932
|
9.8 |
CRITICAL
Network
apache
|
apache-airflow-providers-apache-hive
|
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.
This issue affects Apache Airflow Apache Hive Provider: before 6.1.1.
Before version 6.1.1 it was …
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-35797
|
2024-10-8 04:36 |
2023-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
933
|
8.8 |
HIGH
Network
|
apache
|
apache-airflow-providers-jdbc
|
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider.
Airflow JDBC Provider Connection’s [Connection URL] parameters had no
restrictions, which made it p…
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-22886
|
2024-10-8 04:36 |
2023-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
934
|
7.8 |
HIGH
Local
|
apache
|
apache-airflow-providers-odbc
|
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Software Foundation Apache Airflow ODBC Provider.
In OdbcHook, A privilege escalation vulner…
Update
|
CWE-88
Argument Injection
|
CVE-2023-34395
|
2024-10-8 04:36 |
2023-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
935
|
8.8 |
HIGH
Network
|
google debian fedoraproject
|
chrome debian_linux fedora
|
Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corrupti…
Update
|
CWE-416
Use After Free
|
CVE-2023-2461
|
2024-10-8 04:36 |
2023-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
936
|
8.8 |
HIGH
Network
|
google debian fedoraproject
|
chrome debian_linux fedora
|
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-2134
|
2024-10-8 04:36 |
2023-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
937
|
8.8 |
HIGH
Network
|
google debian fedoraproject
|
chrome debian_linux fedora
|
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-2133
|
2024-10-8 04:36 |
2023-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
938
|
8.8 |
HIGH
Network
|
google fedoraproject debian
|
chrome fedora debian_linux
|
Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Update
|
CWE-416
Use After Free
|
CVE-2023-1818
|
2024-10-8 04:36 |
2023-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
939
|
8.8 |
HIGH
Network
|
atlassian
|
confluence_server confluence_data_center
|
Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to execute arbitrary Java code or run arbitrary system commands …
Update
|
CWE-94
Code Injection
|
CVE-2021-39114
|
2024-10-8 04:36 |
2022-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
940
|
9.8 |
CRITICAL
Network
atlassian
|
crucible fisheye
|
Various rest resources in Fisheye and Crucible before version 4.8.9 allowed remote attackers to brute force user login credentials as rest resources did not check if users were beyond their max faile…
Update
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2021-43958
|
2024-10-8 04:36 |
2022-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|